<?php

    class AccessController extends Application {
        
        var $acl;
        
        function setup()
        {
            $this->actions = array('index','add','modify','delete','modify_user_access','modify_role_access');
            $this->use_layout('admin_layout.php');
            $this->before_filter('is_logged_in');
            $this->before_filter('has_access');                        
            use_model('acl');
            $this->acl = new Acl();
        }
        
        function has_access()
        {
            if (!has_access_to('Admin::Modify Permissions')) {
                flash('error','Sorry but you do not have access to the Permissions tool.');
                $this->redirect_to(array('controller'=>'admin/dashboard'));
            }
        }
        
        // list all acls
		function index() 
		{
		    $this->assign_ref('acl',$this->acl);
            $list = $this->acl->find(array(
                                'search'=>'all',
                                'order'=>'acl_name'
                            ));
            $this->assign('list', $list);
		}
		
		function add()
		{
		    if ( $_POST['action'] == 'add')
		    {
		        if ( $this->acl->update_fields($_POST) ) {
		            $this->assign('l',$this->acl->fields);
                    $this->render(array('partial'=>'_list.php'));
                    return;
                } else {
                    foreach( $this->acl->get_errors() as $key => $value )
            		{
            			$errors .= "$key: ".implode("<br>",$value);
            		}
                    $this->assign('error',$errors);
                    $this->render(array('partial'=>'_error.php'));                    
                    return;
                }
		    }
		    $this->redirect_to('index');
		}
		
		function modify()
        {
            $this->assign_ref('acl',$this->acl);
            if ( $_POST['action'] == 'edit' )
            {                                
                $id = (int) $_POST['id'];
                $this->acl->load($id);
                $value = isset($_POST['acl_name']) ? 'acl_name' :'acl_description';
                if ($this->acl->update_fields($_POST) ) { 
                    $this->render(array('inline'=>$this->acl->get($value)));                    
                    return;
                } else {
                    $this->assign('error',   implode('\n',$this->acl->get_errors_on($value)));
                    $this->assign('id',      $this->acl->get('id'));
                    $this->assign('value',   $this->acl->get($value));
                    $this->assign('error_on',$value);
                    $this->render(array('partial'=>'_error.php'));                    
                    return;
                }              
            }
            $this->redirect_to('index');
        }
        
        function delete()
        {
            $this->use_layout(false);
            if ( !empty($_POST['id']) )
            {
                $this->acl->load( (int) $_POST['id'] );
                $this->acl->delete();
            }
            $this->redirect_to('index');
        }
        
        // takes user_id and changes access. does not display anything
        function modify_user_access()
        {
            if ( $_POST )
            {
                $user_id   = (int) $_POST['user_id'];
                $acl_id    = (int) $_POST['acl_id'];
                $access    = (int) $_POST['access'];
                switch ( $access )
                {
                    # deny
                    case 0:
                        $this->acl->deny_user_access($acl_id,$user_id);
                    break;
                    
                    # grant
                    case 1:
                        $this->acl->grant_user_access($acl_id,$user_id);
                    break;
                }
                $this->render(array('inline'=>'Success: Access Modified'));
                return;                
            }            
            $this->redirect_to('index');
        }  
        
        // takes role_id and changes access. does not display anything
        function modify_role_access()
        {
            if ( $_POST )
            {
                $role_id   = (int) $_POST['role_id'];
                $acl_id    = (int) $_POST['acl_id'];
                $access    = (int) $_POST['access'];
                switch ( $access )
                {
                    # deny
                    case 0:
                        $this->acl->deny_role_access($acl_id,$role_id);
                    break;
                    
                    # grant
                    case 1:
                        $this->acl->grant_role_access($acl_id,$role_id);
                    break;
                }
                $this->render(array('inline'=>'Success: Access Modified'));
                return;                
            }            
            $this->redirect_to('index');
        }              
        
    }

?>